1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

NETSTAT - TAILS OS - HELP INTERPRETING

Discussion in 'Networking' started by netherenow, Jul 11, 2018.

Thread Status:
Not open for further replies.
  1. netherenow

    netherenow Thread Starter

    Joined:
    Jul 11, 2018
    Messages:
    1
    Would appreciate feedback on netstat output. Using Tails livedvd. I am a beginner with it. Thanks.

    [email protected]:~$ netstat -at
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State
    tcp 0 0 localhost:ipp : LISTEN
    tcp 0 0 localhost:6136 : LISTEN
    tcp 0 0 localhost:9050 : LISTEN
    tcp 0 0 localhost:9051 : LISTEN
    tcp 0 0 localhost:9052 : LISTEN
    tcp 0 0 localhost:9150 : LISTEN
    tcp 0 0 localhost:9061 : LISTEN
    tcp 0 0 localhost:9062 : LISTEN
    tcp 0 0 localhost:9040 : LISTEN
    tcp 0 0 192.168.1.104:54300 94.130.183.13:https ESTABLISHED
    tcp 0 0 192.168.1.104:48782 93.180.156.84:9001 TIME_WAIT
    tcp 0 0 localhost:48766 localhost:9062 TIME_WAIT
    tcp 0 0 192.168.1.104:33004 95.216.30.245:https ESTABLISHED
    tcp 0 0 localhost:48770 localhost:9062 TIME_WAIT
    tcp 0 0 localhost:48772 localhost:9062 TIME_WAIT
    tcp 0 0 localhost:48774 localhost:9062 TIME_WAIT
    tcp 0 0 192.168.1.104:44176 171.25.193.77:https ESTABLISHED
    tcp 0 0 192.168.1.104:49888 94.130.180.220:https ESTABLISHED
    tcp 0 0 localhost:48764 localhost:9062 TIME_WAIT
    [email protected]:~$ netstat -au
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State
    udp 0 0 127.0.0.2:domain :
    udp 0 0 :bootpc *:
    udp 0 0 :46086 *:
    udp 0 0 localhost:mdns :
    udp6 0 0 [::]:59565 [::]:*
    [email protected]:~$ netstat -ant
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State
    tcp 0 0 127.0.0.1:631 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:6136 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9050 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9051 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9052 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9150 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9061 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9062 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9040 0.0.0.0 LISTEN
    tcp 0 0 192.168.1.104:54300 94.130.183.13:443 ESTABLISHED
    tcp 0 0 127.0.0.1:48766 127.0.0.1:9062 TIME_WAIT
    tcp 0 0 192.168.1.104:33004 95.216.30.245:443 ESTABLISHED
    tcp 0 0 127.0.0.1:48770 127.0.0.1:9062 TIME_WAIT
    tcp 0 0 127.0.0.1:48772 127.0.0.1:9062 TIME_WAIT
    tcp 0 0 127.0.0.1:48774 127.0.0.1:9062 TIME_WAIT
    tcp 0 0 192.168.1.104:44176 171.25.193.77:443 ESTABLISHED
    tcp 0 0 192.168.1.104:49888 94.130.180.220:443 ESTABLISHED
    tcp 0 0 127.0.0.1:48764 127.0.0.1:9062 TIME_WAIT
    [email protected]:~$ netstat -tnl
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State
    tcp 0 0 127.0.0.1:631 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:6136 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9050 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9051 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9052 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9150 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9061 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9062 0.0.0.0 LISTEN
    tcp 0 0 127.0.0.1:9040 0.0.0.0 LISTEN
    [email protected]:~$ netstat -nlpt
    (Not all processes could be identified, non-owned process info
    will not be shown, you would have to be root to see it all.)
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 127.0.0.1:631 0.0.0.0 LISTEN -
    tcp 0 0 127.0.0.1:6136 0.0.0.0 LISTEN 3858/perl
    tcp 0 0 127.0.0.1:9050 0.0.0.0 LISTEN -
    tcp 0 0 127.0.0.1:9051 0.0.0.0 LISTEN -
    tcp 0 0 127.0.0.1:9052 0.0.0.0 LISTEN -
    tcp 0 0 127.0.0.1:9150 0.0.0.0 LISTEN -
    tcp 0 0 127.0.0.1:9061 0.0.0.0 LISTEN -
    tcp 0 0 127.0.0.1:9062 0.0.0.0 LISTEN -
    tcp 0 0 127.0.0.1:9040 0.0.0.0 LISTEN -
    [email protected]:~$ netstat -s
    Ip:
    1556 total packets received
    2 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    1553 incoming packets delivered
    1703 requests sent out
    4 dropped because of missing route
    Icmp:
    0 ICMP messages received
    0 input ICMP message failed.
    ICMP input histogram:
    0 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
    Tcp:
    13 active connections openings
    6 passive connection openings
    1 failed connection attempts
    1 connection resets received
    4 connections established
    1527 segments received
    1673 segments send out
    4 segments retransmited
    0 bad segments received.
    1 resets sent
    Udp:
    26 packets received
    0 packets to unknown port received.
    0 packet receive errors
    26 packets sent
    UdpLite:
    TcpExt:
    4 TCP sockets finished time wait in fast timer
    25 delayed acks sent
    691 packet headers predicted
    113 acknowledgments not containing data payload received
    99 predicted acknowledgments
    1 other TCP timeouts
    1 connections reset due to unexpected data
    TCPSackShiftFallback: 3
    TCPRcvCoalesce: 571
    TCPOFOQueue: 145
    TCPAutoCorking: 54
    TCPSynRetrans: 4
    TCPOrigDataSent: 485
    IpExt:
    InOctets: 2677845
    OutOctets: 575726
    InNoECTPkts: 2222
    [email protected]:~$ netstat -r
    Kernel IP routing table
    Destination Gateway Genmask Flags MSS Window irtt Iface
    default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
    192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
    [email protected]:~$ netstat -rn
    Kernel IP routing table
    Destination Gateway Genmask Flags MSS Window irtt Iface
    0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
    192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    [email protected]:~$ netstat -i
    Kernel Interface table
    Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
    eth0 1500 0 2027 0 0 0 1509 0 0 0 BMRU
    lo 65536 0 208 0 0 0 208 0 0 0 LRU
    wlan0 1500 0 0 0 0 0 0 0 0 0 BMU
    [email protected]:~$ netstat -ie
    Kernel Interface table
    eth0 Link encap:Ethernet HWaddr 2c:56:dc:14:72:37
    inet addr:192.168.1.104 Bcast:192.168.1.255 Mask:255.255.255.0
    inet6 addr: fe80::2e56:dcff:fe14:7237/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:2033 errors:0 dropped:0 overruns:0 frame:0
    TX packets:1513 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:2663934 (2.5 MiB) TX bytes:528289 (515.9 KiB)

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:65536 Metric:1
    RX packets:208 errors:0 dropped:0 overruns:0 frame:0
    TX packets:208 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1
    RX bytes:73173 (71.4 KiB) TX bytes:73173 (71.4 KiB)

    wlan0 Link encap:Ethernet HWaddr 30:52:cb:e8:77:0e
    UP BROADCAST MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:0 (0.0 TX bytes:0 (0.0

    [email protected]:~$ netstat -g
    IPv6/IPv4 Group Memberships
    Interface RefCnt Group
    --------------- ------ ---------------------
    lo 1 all-systems.mcast.net
    eth0 1 all-systems.mcast.net
    wlan0 1 all-systems.mcast.net
    lo 1 ip6-allnodes
    lo 1 ff01::1
    eth0 1 ff02::1:ff14:7237
    eth0 1 ip6-allnodes
    eth0 1 ff01::1
    wlan0 1 ip6-allnodes
    wlan0 1 ff01::1
    [email protected]:~$ netstat -atnp | grep ESTA
    (Not all processes could be identified, non-owned process info
    will not be shown, you would have to be root to see it all.)
    tcp 0 0 192.168.1.104:54300 94.130.183.13:443 ESTABLISHED -
    tcp 0 0 192.168.1.104:33004 95.216.30.245:443 ESTABLISHED -
    tcp 0 0 192.168.1.104:44176 171.25.193.77:443 ESTABLISHED -
    tcp 0 0 192.168.1.104:49888 94.130.180.220:443 ESTABLISHED

    [email protected]:~$ sudo netstat -ltpe
    [sudo] password for amnesia:
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
    tcp 0 0 localhost:ipp *:* LISTEN root 23122 3700/cupsd
    tcp 0 0 localhost:6136 *:* LISTEN amnesia 22806 3614/perl
    tcp 0 0 localhost:9050 *:* LISTEN root 28400 5961/tor
    tcp 0 0 localhost:9051 *:* LISTEN root 28406 5961/tor
    tcp 0 0 localhost:9052 *:* LISTEN tor-controlport-filter 19759 2753/python
    tcp 0 0 localhost:9150 *:* LISTEN root 28403 5961/tor
    tcp 0 0 localhost:9061 *:* LISTEN root 28401 5961/tor
    tcp 0 0 localhost:9062 *:* LISTEN root 28402 5961/tor
    tcp 0 0 localhost:9040 *:* LISTEN root 28405 5961/tor
    [email protected]:~$
     
  2. Couriant

    Couriant Trusted Advisor

    Joined:
    Mar 26, 2002
    Messages:
    34,635
    First Name:
    James
    What prompted you to do this command?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1212733

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice